資訊管理學報
薛夙珍; 黃景彰;
頁: 1-21
日期: 1998/08
摘要: 在Internet線上使用信用卡付款,於提供信用卡付款資訊之後,真正的貨款轉移及隨後的銀行問清算,是以現有信用卡付款的組織體系為基礎。此類系統較易與現行的體系整合,故發展的速度較快,所以我們預期它是各種電子支付協定中,是最廣為社會所接受的方式。這一篇文章回顧了最近幾年來Internet線上信用卡付款系統技術的發展;我們回顧了以卡號加解密為主的「傳輸加密(channel encryption)」方式、IBM蘇黎士實驗室的iKP協定(Internet Keyed Payment Protocol)、提供「持卡人證書(cardholder certificate)」作為個體識別的SET、與以「信用卡證書(credit card certificate)」取代「持卡人證書」的Revised SET、匿名信用卡協定五種方法。經過對各種線上信用卡付款系統詳細的分析與討論,我們知道由於在設計上對交易個體間彼此信任關係的基本假設不同,各種協定採行了不同的安全保障方法,也因此有了不同程度的隱私保護。最後,我們也預測未來的發展趨勢。
關鍵字: 線上付款; 信用卡; 安全; 隱私權; 電子證書;
Abstract: It is anticipated that on-line payment by credit card will be quickly accepted by elec-tronic payment protocols. Fund transfers and clearings that follow the transmission of infor-mation about payment by credit card over the Internet are based on the current credit card payment infrastructure. Due to easy integration with current banking systems, on-line payment systems using credit cards have been quickly developed. This paper reviews several techniques that facilitate on-line payment by credit. card over the Internet. Included are the "channel encryption" method that relies on the encryption .of credit card numbers; Internet Keyed Payment (iKP) protocol developed by IBM Laboratory at Zurich; SET that provides "cardholder certificate" as individual identity; revised SET that substitutes "cardholder certificate" by "credit card certificate"; and anonymous credit card protocols. The distinct protocols make different assumptions about trust between transaction parties, and apply diversified security protection mechanisms. As a result, they induce different degrees of privacy protection. Future trends of this technology are also predicted.
Keywords: On-line payment; Credit card; Security; Privacy; Digital certificate;;
瀏覽次數: 6607 下載次數: 70
引用 導入Endnote
頁: 1-21
日期: 1998/08
摘要: 在Internet線上使用信用卡付款,於提供信用卡付款資訊之後,真正的貨款轉移及隨後的銀行問清算,是以現有信用卡付款的組織體系為基礎。此類系統較易與現行的體系整合,故發展的速度較快,所以我們預期它是各種電子支付協定中,是最廣為社會所接受的方式。這一篇文章回顧了最近幾年來Internet線上信用卡付款系統技術的發展;我們回顧了以卡號加解密為主的「傳輸加密(channel encryption)」方式、IBM蘇黎士實驗室的iKP協定(Internet Keyed Payment Protocol)、提供「持卡人證書(cardholder certificate)」作為個體識別的SET、與以「信用卡證書(credit card certificate)」取代「持卡人證書」的Revised SET、匿名信用卡協定五種方法。經過對各種線上信用卡付款系統詳細的分析與討論,我們知道由於在設計上對交易個體間彼此信任關係的基本假設不同,各種協定採行了不同的安全保障方法,也因此有了不同程度的隱私保護。最後,我們也預測未來的發展趨勢。
關鍵字: 線上付款; 信用卡; 安全; 隱私權; 電子證書;
On-line Payment by Credit Card: A Review and an Assessment of the State-of-the-Art Technology
Abstract: It is anticipated that on-line payment by credit card will be quickly accepted by elec-tronic payment protocols. Fund transfers and clearings that follow the transmission of infor-mation about payment by credit card over the Internet are based on the current credit card payment infrastructure. Due to easy integration with current banking systems, on-line payment systems using credit cards have been quickly developed. This paper reviews several techniques that facilitate on-line payment by credit. card over the Internet. Included are the "channel encryption" method that relies on the encryption .of credit card numbers; Internet Keyed Payment (iKP) protocol developed by IBM Laboratory at Zurich; SET that provides "cardholder certificate" as individual identity; revised SET that substitutes "cardholder certificate" by "credit card certificate"; and anonymous credit card protocols. The distinct protocols make different assumptions about trust between transaction parties, and apply diversified security protection mechanisms. As a result, they induce different degrees of privacy protection. Future trends of this technology are also predicted.
Keywords: On-line payment; Credit card; Security; Privacy; Digital certificate;;
瀏覽次數: 6607 下載次數: 70
引用 導入Endnote